|
209141
|
7.1 |
HIGH
Network
|
redhat
|
openshift_container_platform
|
A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic…
|
CWE-59
Link Following
|
CVE-2020-27833
|
2024-11-21 14:21 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209142
|
3.3 |
LOW
Local
|
imagemagick
redhat
fedoraproject
|
imagemagick
enterprise_linux_desktop
fedora
|
In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCore/quantize.c.
|
-
|
CVE-2020-27769
|
2024-11-21 14:21 |
2021-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209143
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr d…
|
-
|
CVE-2020-27830
|
2024-11-21 14:21 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209144
|
7.8 |
HIGH
Local
|
uclouvain
fedoraproject
debian
|
openjpeg
fedora
debian_linux
|
A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to co…
|
CWE-787
CWE-120
Out-of-bounds Write
Classic Buffer Overflow
|
CVE-2020-27823
|
2024-11-21 14:21 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209145
|
5.5 |
MEDIUM
Local
|
uclouvain
redhat
fedoraproject
debian
|
openjpeg
enterprise_linux
fedora
debian_linux
|
A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow.…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-27824
|
2024-11-21 14:21 |
2021-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209146
|
7.5 |
HIGH
Network
|
samba
debian
fedoraproject
|
samba
debian_linux
fedora
|
A flaw was found in samba. Spaces used in a string around a domain name (DN), while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds me…
|
-
|
CVE-2020-27840
|
2024-11-21 14:21 |
2021-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209147
|
7.8 |
HIGH
Local
|
windscribe
|
windscribe
|
All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openv…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27518
|
2024-11-21 14:21 |
2021-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209148
|
7.8 |
HIGH
Local
|
pritunl
|
pritunl-client-electron
|
Pritunl Client v1.2.2550.20 contains a local privilege escalation vulnerability in the pritunl-service component. The attack vector is: malicious openvpn config. A local attacker could leverage the l…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27519
|
2024-11-21 14:21 |
2021-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209149
|
7.5 |
HIGH
Network
|
aviatrix
|
openvpn
|
Arbitrary File Write exists in Aviatrix VPN Client 2.8.2 and earlier. The VPN service writes logs to a location that is world writable and can be leveraged to gain write access to any file on the sys…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-27569
|
2024-11-21 14:21 |
2021-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209150
|
7.5 |
HIGH
Network
|
aviatrix
|
controller
|
Insecure File Permissions exist in Aviatrix Controller 5.3.1516. Several world writable files and directories were found in the controller resource. Note: All Aviatrix appliances are fully encrypted.…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-27568
|
2024-11-21 14:21 |
2021-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
